Implementing Cloud Security Solutions
Transcript of Implementing Cloud Security Solutions
![Page 1: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/1.jpg)
Implementing Cloud Security Solutions
Tim MatthewsSr. Director, Product Marketing
© 2010 • PGP Corporation • Confidential
![Page 2: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/2.jpg)
Ancient Times vs. Modern Times
© 2010 • PGP Corporation • Confidential 2
Google Data Center in Lenoir, NC circa 2005
1999
2009
Starbucks launches HotSpots in August 2002
Desktop Data Center
![Page 3: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/3.jpg)
Risks at the New Corporate Perimeter
© 2010 • PGP Corporation • Confidential 3
![Page 4: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/4.jpg)
Breach in the Google Cloud
© 2010 • PGP Corporation • Confidential 4
![Page 5: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/5.jpg)
Data Protection Fundamentals
© 2010 • PGP Corporation • Confidential 5
Key Management
Laptop Encryption
File Encryption
Email Encryption
Device Control
DLP
![Page 6: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/6.jpg)
Cost of Data Breach
© 2010 • PGP Corporation • Confidential 6
Fourth annual report by The Ponemon Institute© & PGP Corporation (Feb 2010)
• Costs grew to $204/record or $6.7m per breach
• Lost business now accounts for 69% of breach losses
• 56% of breaches are “inside” jobs
• 42% of breaches caused by 3rd parties
Source: Ponemon, Feb 2010www.encryptionreports.com
![Page 7: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/7.jpg)
Primary Cause of a Data Breach
© 2010 • PGP Corporation • Confidential 7
![Page 8: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/8.jpg)
Where is Your Data?
© 2010 • PGP Corporation • Confidential 8
Where is your data in the physical world?
Where is your data in the cloud?
Google Docs Cloud Provider Data Centers
USB Drives Laptops Smart Phones
Backup
![Page 9: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/9.jpg)
The Hybrid Cloud
© 2010 • PGP Corporation • Confidential 9
Hybrid Cloud
Private Cloud
Transactional Data
SaaS Solutions
Public Cloud
Transformation/RoutingData Services Layer
![Page 10: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/10.jpg)
Use Case #1:Deploying Encryption Management to a Private Cloud
© 2010 • PGP Corporation • Confidential 10
Storage as a Service; File Encryption
Secure File Transfer & Cloud Backups
Central Management of Encryption Applications
Smartphone Encryption
Desktop & Gateway Email Encryption
![Page 11: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/11.jpg)
Use Case #2:Email Security as a Service
© 2010 • PGP Corporation • Confidential 11
Gateway Email Encryption
Desktop Email Encryption
![Page 12: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/12.jpg)
Use Case #3:Securing Backups to Cloud Storage
© 2010 • PGP Corporation • Confidential 12
Cloud Storage Provider
Encrypted Backups
Encryption allows use of almost any cloud storage provider.
Encrypted Backups
Encrypted Archives
![Page 13: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/13.jpg)
Use Case #4:Secure Collaboration/File Sharing
© 2010 • PGP Corporation • Confidential 13
Authorized UserUnauthorized User
PaaS
Pervasive file encryption ensures files are secured no matter where they are stored.
Authorized User
![Page 14: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/14.jpg)
Keys and the Cloud
• Lost password, token
• Employee termination
• Employee malfeasance• Lawsuit – eDiscovery
• Government request
© 2010 • PGP Corporation • Confidential 14
![Page 15: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/15.jpg)
Encryption, Key Recovery and the Cloud
• Client Encryption– Secure client or encrypt on client– Key recovery left to client, and potentially corporate key escrow
• Server Encryption– Secure server or encrypt on server– Key recovery managed by company, and potentially corporate
key escrow
• Cloud Encryption– Data sent to cloud and encrypted by cloud provider– Company loses control over surrender or keys– Unclear what recovery options are
© 2010 • PGP Corporation • Confidential 15
![Page 16: Implementing Cloud Security Solutions](https://reader030.fdocuments.us/reader030/viewer/2022020705/61fb6e3e2e268c58cd5e14ad/html5/thumbnails/16.jpg)
Security Considerations for the Cloud
© 2010 • PGP Corporation • Confidential 16
Key Management
File Encryption Email Encryption
Secure File Transfer & Backups